Commit Graph

4633 Commits

Author SHA1 Message Date
Michal Privoznik
2e5ad5881b virISCSIScanTargets: Honour iSCSI interface
When scanning for targets, iSCSI might give different results
depending on the interface used. This is basically just name of
config file under /etc/iscsi/ifaces to use. The file contains
initiator IQN thus different results claim.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-07-25 07:11:13 +02:00
Ján Tomko
c31146685f tests: also skip qemuagenttest with old jansson
qemuagenttest also depends on JSON object key ordering:
Invalid value of argument 'vcpus' of command 'guest-set-vcpus':
expected '[{"logical-id":1,"online":false}]' got '[{"online":false,"logical-id":1}]'

Skip it as well.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 17:03:02 +02:00
Peter Krempa
9c9d697a5c tests: qemuxml2argv: Add CAPS_LATEST version of security-related tests
'disk-network-source-auth' and 'disk-network-tlsx509'

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:36 +02:00
Peter Krempa
ca19bb378f tests: qemuxml2argv: Add CAPS_LATEST version of 'disk-network-sheepdog'
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:36 +02:00
Peter Krempa
9b7631d2b6 tests: qemuxml2argv: Add CAPS_LATEST version of 'disk-network-gluster'
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:35 +02:00
Peter Krempa
d276a6a517 tests: qemuxml2argv: Add CAPS_LATEST version of 'disk-readonly' and 'disk-shared'
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:35 +02:00
Peter Krempa
a08aa3154b tests: qemuxml2argv: Add CAPS_LATEST version of 'disk-floppy' and 'floppy-drive-fat'
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:35 +02:00
Peter Krempa
60ed5f7b7a tests: qemu: Remove pointless 'disk-many' test
We have several cases when a VM has multiple disks in the test files so
having another one without any interesting configuration is not
necessary.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:35 +02:00
Peter Krempa
d20de39c3f tests: qemuxml2argv: Unify testing of 'disk-network-rbd'
Move the authentication and ipv6 cases into the main test file. To allow
removal of the separate testing of the secure credential passing via the
'secret' object in qemu, use the DO_TEST_CAPS_VER macro with version
2.5.0 when the secret object is not supported by qemu.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:35 +02:00
Peter Krempa
4d016addca tests: qemu: Remove pointless 'disk-network-ceph-env' test
The xml2argv variant was unused. The xml2xml variant is redundant in
other tests for RBD.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:35 +02:00
Peter Krempa
ff8bc0876d tests: qemuxml2argv: Add 'CAPS_LATEST' version of 'disk-network-nbd'
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:35 +02:00
Peter Krempa
14ded7bb83 tests: qemu: Unify nbd disk source testing
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:35 +02:00
Peter Krempa
a1bca5479e tests: qemuxml2argv: Add 'CAPS_LATEST' version of 'disk-network-iscsi'
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:35 +02:00
Peter Krempa
a717cf2c94 tests: qemu: Unify iscsi disk source testing
Move various different iSCSI configuration into one test file.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:34 +02:00
Peter Krempa
d1c9c6bf74 tests: qemu: Unify disk cache testing
Move the 'unsafe' cache test into 'disk-cache' and remove all the
individual cases for one cache mode each.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:34 +02:00
Peter Krempa
b60e5f9198 tests: qemu: Add xml2xml and minimal version of 'disk-cache' test
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:34 +02:00
Peter Krempa
e38a890c93 tests: qemuxml2argv: Rename disk-write-cache test do disk-cache
We'll aggregate testing of all cache modes in this test later on.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:34 +02:00
Peter Krempa
9245aad664 tests: qemuxml2argv: Add 'CAPS_LATEST' version of 'disk-aio' test
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:34 +02:00
Peter Krempa
cc0f112a63 tests: qemuxml2argv: Add 'CAPS_LATEST' version for 'disk-detect-zeroes'
This test also excercises options of 'discard'.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:34 +02:00
Peter Krempa
6bcffc5113 tests: qemuxml2argv: Add 'CAPS_LATEST' data for disk-cdrom* tests
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:34 +02:00
Peter Krempa
e5dce69a9c tests: qemuxml2argv: Unify testing of local cdroms
Test empty cdroms along with cdroms with medium.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:34 +02:00
Peter Krempa
5617c1d30f tests: qemuxml2argv: Unify network cdrom source testing
Unify most of the tests into a common test named disk-cdrom-network by
adding multiple cdroms. The 'http' test is dropped since there can be
only 4 cdroms.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:33 +02:00
Peter Krempa
f6a1a8911e tests: qemuxml2argv: Remove tests obsoleted by assuming support for '-device'
Few disk tests were testing support for pure -drive command line
generation for disks now that we assume it for all qemu versions the
cases are obsolete.

Replacements:
disk-readonly-no-device -> disk-readonly-disk
disk-floppy-tray-no-device -> disk-floppy-tray
disk-cdrom-tray-no-device -> disk-cdrom-tray

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:33 +02:00
Peter Krempa
e38ebbc1c0 tests: qemuxml2argv: Add 'CAPS_LATEST' version of "disk-copy_on_read"
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:33 +02:00
Peter Krempa
e9d0e2fd7f tests: qemuxml2xml: Remove duplicate test disk-copy-on-read.xml
We also have disk-copy_on_read.xml which also tests the command line.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:33 +02:00
Peter Krempa
0bdb704383 tests: qemu: Drop 'drive' from disk tests
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-23 15:32:33 +02:00
Daniel P. Berrangé
cf92b90e35 tests: fix TLS handshake failure with TLS 1.3
When gnutls negotiates TLS 1.3 instead of 1.2, the order of messages
sent by the handshake changes. This exposed a logic bug in the test
suite which caused us to wait for the server to see handshake
completion, but not wait for the client to see completion. The result
was the client didn't receive the certificate for verification and the
test failed.

This is exposed in Fedora 29 rawhide which has just enabled TLS 1.3 in
its GNUTLS builds.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-07-23 11:36:09 +01:00
Erik Skultety
d48813e81a conf: Introduce new video type 'none'
Historically, we've always enabled an emulated video device every time we
see that graphics should be supported with a guest. With the appearance
of mediated devices which can support QEMU's vfio-display capability,
users might want to use such a device as the only video device.
Therefore introduce a new, effectively a 'disable', type for video
device.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Erik Skultety <eskultet@redhat.com>
2018-07-18 18:23:51 +02:00
Erik Skultety
c0ca6dcf42 qemu: command: Enable formatting vfio-pci.display option onto cmdline
Since QEMU 2.12, QEMU understands a new vfio-pci device option 'display'
which can be used to turn on display capabilities on vgpu-enabled
mediated devices, IOW emulated GPU devices like QXL will no longer be
needed with vgpu-enable mdevs.
QEMU defaults to 'auto' for the 'display' attribute, which is not
foolproof, so we need to play it safe here and default to display='off'
if this attribute wasn't provided in the XML explicitly.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Erik Skultety <eskultet@redhat.com>
2018-07-18 18:16:08 +02:00
Erik Skultety
d54e45b6ed conf: Introduce new <hostdev> attribute 'display'
QEMU 2.12 introduced a new type of display for mediated devices using
vfio-pci backend which allows a mediated device to be used as a VGA
compatible device as an alternative to an emulated video device. QEMU
exposes this feature via a vfio device property 'display' with supported
values 'on/off/auto' (libvirt will default to 'off').

This patch adds the necessary bits to domain config handling in order to
expose this feature. Since there's no convenient way for libvirt to come
up with usable defaults for the display setting, simply because libvirt
is not able to figure out which of the display implementations - dma-buf
which requires OpenGL support vs vfio regions which doesn't need OpenGL
(works with OpenGL enabled too) - the underlying mdev uses.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Erik Skultety <eskultet@redhat.com>
2018-07-18 18:16:08 +02:00
Erik Skultety
11c7bdac6d qemu: caps: Add vfio-pci.display capability
QEMU 2.12 introduced a new vfio-pci device option 'display=on/off/auto'.
This patch introduces the necessary capability.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-18 18:16:07 +02:00
Erik Skultety
d8266ebe16 qemu: Introduce a new graphics display type 'headless'
Since 2.10 QEMU supports a new display type egl-headless which uses the
drm nodes for OpenGL rendering copying back the rendered bits back to
QEMU into a dma-buf which can be accessed by standard "display" apps
like VNC or SPICE. Although this display type can be used on its own,
for any practical use case it makes sense to pair it with either VNC or
SPICE display. The clear benefit of this display is that VNC gains
OpenGL support, which it natively doesn't have, and SPICE gains remote
OpenGL support (native OpenGL support only works locally through a UNIX
socket, i.e. listen type=socket/none).

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Erik Skultety <eskultet@redhat.com>
2018-07-18 18:16:07 +02:00
Erik Skultety
7ab7d0ed49 qemu: caps: Introduce a capability for egl-headless
Since QEMU 2.10, it's possible to use a new type of display -
egl-headless which uses drm nodes to provide OpenGL support. This patch
adds a capability for that. However, since QEMU doesn't provide a QMP
command to probe it, we have to base the capability on specific QEMU
version.

Acked-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Erik Skultety <eskultet@redhat.com>
2018-07-18 18:15:58 +02:00
Ján Tomko
4dd6054000 m4: Introduce STABLE_ORDERING_JANSSON
Add a second check for Jansson >= 2.8, which includes
fixes to preserve ordering of object keys.

Use this constant to guard tests that depend on stable ordering.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-07-18 17:54:18 +02:00
Ján Tomko
9cf38263d0 Switch from yajl to Jansson
Yajl has not seen much activity upstream recently.
Switch to using Jansson >= 2.5.

All the platforms we target on https://libvirt.org/platforms.html
have a version >= 2.7 listed on the sites below:
https://repology.org/metapackage/jansson/versions
https://build.opensuse.org/package/show/devel:libraries:c_c++/libjansson

Additionally, Ubuntu 14.04 on Travis-CI has 2.5. Set the requirement
to 2.5 since we don't use anything from newer versions.

Implement virJSONValue{From,To}String using Jansson, delete the yajl
code (and the related virJSONParser structure) and report an error
if someone explicitly specifies --with-yajl.

Also adjust the test data to account for Jansson's different whitespace
usage for empty arrays and tune up the specfile to keep 'make rpm'
working when bisecting.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-07-18 17:54:18 +02:00
Ján Tomko
17f50c8260 qemu: vnc: switch to tls-creds-x509
The tls, x509 and x509verify options were deprecated in QEMU v2.5.0:

commit 3e305e4a4752f70c0b5c3cf5b43ec957881714f7
Author:     Daniel P. Berrange <berrange@redhat.com>

    ui: convert VNC server to use QCryptoTLSSession

Use the tls-creds-x509 object when available.

https://bugzilla.redhat.com/show_bug.cgi?id=1598167

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-07-18 17:29:51 +02:00
Ján Tomko
11b5396cea tests: qemu: test more versions for graphics-vnc-tls
Add a test with QEMU 2.4.0 capabilites, as well as the latest caps.

The code paths for formatting TLS options will be altered and
2.4.0 is the newest version where QEMU_CAPS_OBJECT_TLS_CREDS_X509
is not supported.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-07-18 17:29:47 +02:00
Ján Tomko
a37d832c91 tests: qemu: Remove disk from graphics-vnc-tls
The disk command line is tested elsewhere.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-07-18 13:27:07 +02:00
Erik Skultety
aaf105da59 tests: Update capabilities data for QEMU 3.0.0 x86_64
The original capabilities didn't include a patched kernel for spectre,
SPICE gl support and had xen support enabled which we already have
dropped.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2018-07-17 11:43:06 +02:00
Erik Skultety
fa39de4f86 tests: Add capabilities data for QEMU 2.11 x86_64
We were missing these for x86_64 arch, so this is just for completeness.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2018-07-17 11:43:06 +02:00
Peter Krempa
4085984889 tests: qemumonitorjson: Do QMP schema validation for DO_TEST_GEN
Test some more QMP commands against the schema.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-07-13 14:18:20 +02:00
Peter Krempa
b3a0e3aab1 tests: qemumonitorjson: Fix schema testing of monitor commands
The 'simpleFunc' data structure is overwritten by the code generated
from the macros which initiate the tests. This means that most of the
tests would get NULL 'schema' member which means that the schema
validation would not take place.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-07-13 14:18:20 +02:00
Peter Krempa
1fc1102391 tests: qemumonitorjson: Raise the necessary debug level for QAPI schema checks
The debug output of the schema validator on success is not so
interesting that it should be printed when basic debugging is enabled.

Print it only when test debugging is set to 3 and more.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-07-13 14:18:07 +02:00
Peter Krempa
33470896e5 tests: qemumonitorutils: Don't crash on wrong monitor command
virQEMUQAPISchemaPathGet returns success when a given schema path was
not found but the returned object is set to NULL. This meant that we'd
call testQEMUSchemaValidate with the schemaroot being NULL which lead to
a crash if a mistyped monitor command was tested.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-07-13 14:15:59 +02:00
Peter Krempa
e59dc14d1e tests: qemuschema: Add line break to debug message
Message stating which schema replies file is being used would be
squashed with other messages.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-07-13 14:15:59 +02:00
Peter Krempa
d682f90891 tests: qemuschema: Fix copy-paste error in function name
s/testQEMUSchemaValidateArrayBuiltin/testQEMUSchemaValidateBuiltin/

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-07-13 14:15:59 +02:00
Peter Krempa
bb4f3543bb qemu: command: Format rerror/werror with -device instead of -drive
Use the new proper location for the read/write error policy selection.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-10 13:37:51 +02:00
Peter Krempa
a087a8e60a qemu: capabilities: Add capability for werror/rerror for 'usb-device' frontend
Support for specifying it with the -device frontend was added recently.
Add a capability for it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-10 13:37:51 +02:00
Peter Krempa
3cb1497dfc tests: qemuxml2argv: Add CAPS_LATEST version for the disk error policy test
Add output arguments generated with the latest qemu capabilities.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-10 13:37:51 +02:00
Peter Krempa
98ee8bcf6d tests: qemuxml2argv: Unify all tests for disk error policy
Add multiple drives with the various configurations rather than having
multiple tests.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-10 13:37:51 +02:00
Peter Krempa
1cb98a1fb3 qemu: block: Add support for RBD authentication for blockdev
To allow using -blockdev with RBD we need to support the recently added
RBD authentication.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-10 13:37:51 +02:00
Peter Krempa
8b4a31efc0 tests: qemucaps: Add test data for upcoming qemu 3.0.0
Based on qemu commit ab3257c281c1a1a91da1090ac9e38ddd8f860c63

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-10 13:37:51 +02:00
Peter Krempa
e1e04a0263 tests: remove qemuqapischema.json
We now take the schema from the qemucapabilitiestest data.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-10 13:37:50 +02:00
Peter Krempa
92a18bb567 tests: qemu: Use qmp schema data from the qemucapabilities test
Add helpers that allow using the latest schema from the replies from an
actual qemu which are recorded for the purpose of the qemucapabilities
test instead of an unsynced copy stored in qemuqapischema.json.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-10 13:37:50 +02:00
Peter Krempa
d60c17b3d7 tests: Remove disk from 'serial-unix-chardev' test
We are testing character devices so the disk is not necessary. Minimize
the configuration. This will prevent changes when switching to blockdev.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-07-10 13:32:53 +02:00
Erik Skultety
ff767f083f qemu: command: Fix building of the SDL display command line
QEMU uses a shorthand '-sdl' which maps to '-display sdl'. However, if
there are any options to be passed to SDL, the full command version must
be used. Everything seemingly worked for us until commit 5038b30043
introduced OpenGL support for SDL and added ',gl=on/off' option which as
mentioned above could have never worked with the shorthand version of
the command. Indeed starting a domain with an SDL display and OpenGL
enabled, QEMU produces a rather cryptic error:

-sdl: Could not open 'gl=on': No such file or directory

This patch provides fixes to both the SDL cmdline generation and the
test suite.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-07-09 17:45:19 +02:00
Daniel P. Berrangé
1bc1a7e320 qemu: fix UNIX socket chardevs operating in client mode
When support was adding for passing a pre-opened listener socket to UNIX
chardevs, it accidentally passed the listener socket for client mode
chardevs too with predictable amounts of fail resulting. This affects
libvirt when using QEMU >= 2.12

Expand the unit test coverage to validate that we are only doing FD
passing when operating in server mode.

  https://bugzilla.redhat.com/show_bug.cgi?id=1598440

Tested-by: Richard W.M. Jones <rjones@redhat.com>
Reported-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-07-06 14:08:05 +01:00
Daniel P. Berrangé
ed5aa85f37 qemu: don't use chardev FD passing for vhostuser backend
QEMU chardevs have a bug which makes the vhostuser backend complain
about lack of support for FD passing when validating the chardev.
While this is ultimately QEMU's responsibility to fix, libvirt needs to
avoid tickling the bug.

Simply disabling chardev FD passing just for vhostuser's chardev is
the most prudent approach, avoiding need for a QEMU version number
check.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-07-06 10:07:47 +01:00
Daniel P. Berrangé
b340c6c614 qemu: format serial and geometry on frontend disk device
Currently we format the serial, geometry and error policy on the -drive
backend argument.

QEMU added the ability to set serial and geometry on the frontend in
the 1.2 release deprecating use of -drive, with support being deleted
from -drive in 3.0.

We keep formatting error policy on -drive for now, because we don't
ahve support for that with -device for usb-storage just yet.

Note that some disk buses (sd) still don't support -device. Although
QEMU allowed these properties to be set on -drive for if=sd, they
have been ignored so we now report an error in this case.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-07-03 16:32:42 +01:00
Andrea Bolognani
d4c1117107 qemu: Format the HTM pSeries feature
This makes the feature fully operational.

https://bugzilla.redhat.com/show_bug.cgi?id=1525599

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-07-03 09:47:01 +02:00
Andrea Bolognani
9f3b9100f3 conf: Parse and format the HTM pSeries feature
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-07-03 09:46:59 +02:00
Andrea Bolognani
755a5765ac qemu: Add capability for the HTM pSeries feature
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-07-03 09:46:52 +02:00
Peter Krempa
b4891e997c tests: qemumonitorjson: Fix name and call apropriate API
Call the internal version of qemuMonitorGetAllBlockStatsInfo API and
rename the test accordingly.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-07-03 06:34:08 +02:00
Peter Krempa
dca4abc0e3 tests: qemumonitorjson: Add only required replies for blockstats test
testQemuMonitorJSONqemuMonitorJSONGetBlockStatsInfo added 4 replies but
only one was used. Additionally the comment stated that 7 replies are
going to be added.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-07-03 06:34:08 +02:00
John Ferlan
39cef12a95 storage: Add support for using inputvol for encryption
Starting with QEMU 2.9, encryption convert processing requires
a multi-step process in order to generate an encrypted image from
some non encrypted raw image.

Processing requires to first create an encrypted image using the
sizing parameters from the input source and second to use the
--image-opts, -n, and --target-image-opts options along with inline
driver options to describe the input and output files, generating
two commands such as:

  $ qemu-img create -f luks \
      --object secret,id=demo.img_encrypt0,file=/path/to/secretFile \
      -o key-secret=demo.img_encrypt0 \
      demo.img 500K
  Formatting 'demo.img', fmt=luks size=512000 key-secret=demo.img_encrypt0
  $ qemu-img convert --image-opts -n --target-image-opts \
      --object secret,id=demo.img_encrypt0,file=/path/to/secretFile \
      driver=raw,file.filename=sparse.img \
      driver=luks,file.filename=demo.img,key-secret=demo.img_encrypt0
  $

This patch handles the convert processing by running the processing
in a do..while loop essentially reusing the existing create logic and
arguments to create the target vol from the inputvol and then converting
the inputvol using new arguments.

This then allows the following virsh command to work properly:

  virsh vol-create-from default encrypt1-luks.xml data.img --inputpool default

where encrypt1-luks.xml would provided the path and secret for
the new image, while data.img would be the source image.

Signed-off-by: John Ferlan <jferlan@redhat.com>
ACKed-by: Michal Privoznik <mprivozn@redhat.com>
2018-06-26 14:02:43 -04:00
John Ferlan
8f83af6823 storage: Disallow create/resize of qcow2 encrypted images
https://bugzilla.redhat.com/show_bug.cgi?id=1526382

Since commit c4eedd793 disallowed qcow2 encrypted images to be
used for domains, it no longer makes sense to allow a qcow2
encrypted volume to be created or resized.

Add a test that will exhibit the failure of creation as well
as the xml2xml validation of the format still being correct.

Update the documentation to note the removal of the capability
to create and use qcow/default encrypted volumes.

Signed-off-by: John Ferlan <jferlan@redhat.com>
ACKed-by: Michal Privoznik <mprivozn@redhat.com>
2018-06-26 14:02:43 -04:00
John Ferlan
a02d879858 tests: Remove qcow2 encryption from storagevol tests
We're about to disallow creation of a qcow2 encrypted storage
volume, so let's remove the qcow encryption element from the
tests which are testing whether other format='qcow2' related
features work properly.

Signed-off-by: John Ferlan <jferlan@redhat.com>
ACKed-by: Michal Privoznik <mprivozn@redhat.com>
2018-06-26 14:02:43 -04:00
John Ferlan
23e9aa7297 tests: Add luks creation examples to storagevolxml2argvtest
Add the storagevolxml2xmltest "luks" and "luks-cipher" tests
to the storagevolxml2argvtest.

Signed-off-by: John Ferlan <jferlan@redhat.com>
ACKed-by: Michal Privoznik <mprivozn@redhat.com>
2018-06-26 14:02:43 -04:00
John Ferlan
b056e09b28 storage: Don't allow encryption secretPath to be NULL
Allowing a NULL @secretPath for virStorageBackendCreateQemuImgCmdFromVol
would result in a generated command line with a dangling "file=" output.
So let's make sure the @secretPath exists before processing.

This means we should pass a dummy path from the storage test.

Signed-off-by: John Ferlan <jferlan@redhat.com>
ACKed-by: Michal Privoznik <mprivozn@redhat.com>
2018-06-26 14:02:43 -04:00
Anya Harter
c3427c4a85 qemu: Escape commas for qemuBuildSCSIiSCSIHostdevDrvStr
Add comma escaping for netsource. This is done here because
qemuBuildNetworkDriveStr has other external callers which
may not expect an escaped comma; however, this particular
command building path needs to perform the escaping for the
hostdev command line, so we do it now to ensure src->path
and src->host->name are covered.

Signed-off-by: Anya Harter <aharter@redhat.com>
2018-06-26 11:04:38 -04:00
Daniel P. Berrangé
41d619e99c schemas: add schema for nwfilter binding XML document
Reviewed-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-06-26 11:22:07 +01:00
Daniel P. Berrangé
17b1ebf4ec conf: add support for parsing/formatting virNWFilterBindingDefPtr
A typical XML representation of the virNWFilterBindingDefPtr struct
looks like this:

  <filterbinding>
    <owner>
      <name>f25arm7</name>
      <uuid>12ac8b8c-4f23-4248-ae42-fdcd50c400fd</uuid>
    </owner>
    <portdev name='vnet1'/>
    <mac address='52:54:00:9d:81:b1'/>
    <filterref filter='clean-traffic'>
      <parameter name='MAC' value='52:54:00:9d:81:b1'/>
    </filterref>
  </filterbinding>

Reviewed-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-06-26 11:22:07 +01:00
Andrea Bolognani
a12e7a3944 qemu: Format HPT maxpagesize on the command line
This makes the feature fully functional.

https://bugzilla.redhat.com/show_bug.cgi?id=1571078

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2018-06-26 10:15:56 +02:00
Andrea Bolognani
0ee6f885e0 conf: Parse and format HPT maxpagesize
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2018-06-26 10:15:52 +02:00
Andrea Bolognani
15f9db5303 conf: Tweak HPT feature parsing and formatting
This doesn't seem very useful at the moment, but it will make
sense once we introduce another HPT-related setting.

The output XML is decoupled from the input XML in preparation
of future changes as well; while doing so, we can shave a few
lines off the latter.

This commit is best viewed with 'git show -w'.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2018-06-26 10:15:50 +02:00
Andrea Bolognani
90e6e0fae8 qemu: Add capability for the HPT maxpagesize feature
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2018-06-26 10:15:44 +02:00
Andrea Bolognani
0a527017c4 tests: Add replies for QEMU 3.0.0 on ppc64
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2018-06-26 10:15:36 +02:00
Anya Harter
1136fd4ebe qemu: Escape commas for qemuBuildDiskThrottling
Add comma escaping for disk->blkdeviotune.group_name.

Signed-off-by: Anya Harter <aharter@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-06-21 17:49:15 -04:00
Laine Stump
17b4734288 schema: allow a <rule> element with no subelements in a nwfilter
This is a regression in behavior caused by commit 37359814. It was
intended to limit the schema to allow only a single subelement of
<rule>, but it is also acceptable for <rule> to have no subelement at
all.

To prevent the same error from reoccurring in the future, the
examples/xml/nwfilter directory was added to the list of nwfilter
schema test directories.

Resolves: https://bugzilla.redhat.com/1593549

Signed-off-by: Laine Stump <laine@laine.org>
ACKed-by: Michal Privoznik <mprivozn@redhat.com>
2018-06-21 04:04:49 -04:00
Cole Robinson
14781dcde6 qemu_command: replace vlan= with netdev= for legacy nic
VMs with hardcoded platform network devices are forced to use old
style '-net nic' command line config. Current we use qemu's vlan
option to hook this with the '-netdev' host side of things.

However since qemu 1.2 there is '-net nic,netdev=X' option for
explicitly referencing a netdev ID, which is more inline with
typical VM commandlines, so let's switch to that

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2018-06-20 14:26:21 -04:00
Andrea Bolognani
b1acfaaf89 tests: Fix qemucapsfixreplies
Since e6be524508 we include the executed command along
with the reply in *.replies files, which breaks the
renumbering logic implemented in qemucapsfixreplies.

Adapt the script so that it works with the new format.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2018-06-19 14:01:14 +02:00
Anya Harter
23f55840f5 qemu: Escape commas for qemuBuildGrapicsSPICECommandLine
Add comma escaping for cfg->spiceTLSx509certdir and
graphics->data.spice.rendernode.

Signed-off-by: Anya Harter <aharter@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-06-18 19:39:13 -04:00
Anya Harter
0234a2754b qemu: Escape commas for qemuBuildSmartcardCommandLine
Add comma escaping for smartcard->data.cert.file[i] and
smartcard->data.cert.database.

Signed-off-by: Anya Harter <aharter@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-06-18 19:39:08 -04:00
Anya Harter
97975bef32 qemu: Escape commas for qemuBuildChrChardevFileStr
Add comma escaping for fileval.

Signed-off-by: Anya Harter <aharter@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-06-18 19:39:02 -04:00
Anya Harter
452dac71cd qemu: Escape commas for qemuBuildChrChardevStr
Add comma escaping for dev->data.file.path in cases
VIR_DOMAIN_CHR_TYPE_DEV and VIR_DOMAIN_CHR_TYPE_PIPE.

Signed-off-by: Anya Harter <aharter@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-06-18 19:38:54 -04:00
Anya Harter
22b7247d48 tests: add test file for smartcard database
Add test case explicitly defining a smartcard host certificates
database via the following xml:

    <smartcard mode='host-certificates'>
      <database>/tmp/foo</database>
    </smartcard>

This case is not currently covered in the test suite.

Signed-off-by: Anya Harter <aharter@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-06-18 19:27:49 -04:00
Erik Skultety
6688393c6b conf: Fix formatting of <sev> element in domain capabilities XML
We only formatted the <sev> element when QEMU supported the feature when
in fact we should always format the element to make clear that libvirt
knows about the feature and the fact whether it is or isn't supported
depends on QEMU version, in other words if QEMU doesn't support the
feature we're going to format the following into the domain capabilities
XML:

<sev supported='no'/>

This patch also adjusts the RNG schema accordingly in order to reflect
the proposed change.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-06-15 10:49:13 +02:00
Michal Privoznik
a02526a045 qemuxml2argvtest: Don't leak TPM unix path
When testing a domain XML with TPM we overwrite UNIX socket path
to mimic what qemuTPMEmulatorPrepareHost() is doing (because
*PrepareHost() functions are not called from the test). But we
are not doing it fully - we need to set the chardev's type too so
that virDomainTPMDefFree() can free the path.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2018-06-14 14:25:42 +02:00
Ján Tomko
e56ff8bc72 conf: prefer camelCase for launchSecurity
Adjust the documentation, parser and tests to change:
launch-security -> launchSecurity
reduced-phys-bits -> reducedPhysBits
dh-cert -> dhCert

Also fix the headline in formatdomain.html to be more generic,
and some leftover closing elements in the documentation.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
Tested-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2018-06-13 14:42:17 +02:00
Peter Krempa
e6be524508 tests: qemucapabilities: Test commands used to query capabilities
Use qemuMonitorTestNewFromFileFull which allows to test commands used
along with providing replies. This has two advantages:

1) It's easier to see which command was used when looking at the files
2) We check that the used commands are actually in the correct order

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-06-12 10:27:50 +02:00
Peter Krempa
e00ecd1bed tests: qemucapsprobemock: Prepare 'qemucapsprobe' for the new format
Change the output of qemucapsprobe to record the commands used for
querying. This allows to easily identify which reply belongs to which
command and also will allow to test whether we use stable queries.

This change includes changing dropping of the QMP greeting from the file
and reformatting of the query and output to stdout.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-06-12 10:27:50 +02:00
Peter Krempa
9369348eb8 tests: qemucapsprobemock: Fail if JSON reply from qemu can't be reformatted
Rather than skipping output on failure fail loudly.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-06-12 10:27:50 +02:00
Peter Krempa
0ed2716531 tests: qemucapsprobemock: Simplify and extract skipping of empty lines
The prettyfied output may sometimes contain empty lines which would
desynchonize the test monitor workers. The skipping code can be much
simplified though. Also a extract it so so that it's obvious what
it's doing and can be reused.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-06-12 10:27:50 +02:00
Peter Krempa
1025264ec5 tests: qemumonitor: Optimize control flow when concatenating replies
The test file can be broken up by newlines and is automatically
concatenated back. Fix the control flow so that the concatenation code
'continues' the loop rather than branching out.

Also add an anotation to the concatenation code.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-06-12 10:27:50 +02:00
Peter Krempa
dcea889b13 tests: qemumonitor: Simplify handling of end of file in full file test
On EOF, the loop can be terminated right away since most of it is
skipped anyways and the handling of the last command is repeated after
the loop.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-06-12 10:27:50 +02:00
Peter Krempa
215167042a tests: qemucapabilities: Reset command sequence before second probe
The test data for capabilities is obtained from two consecutive qemu
runs when the regular monitor object will be reset. Do the same for the
test monitor object which is not disposed between runs by calling
qemuMonitorResetCommandID.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-06-12 10:27:50 +02:00
Brijesh Singh
11ab77fe88 qemu: Add support to launch an SEV guest
QEMU >= 2.12 provides 'sev-guest' object which is used to launch encrypted
VMs on AMD platform using SEV feature. The various inputs required to
launch SEV guest is provided through the <launch-security> tag. A typical
SEV guest launch command line looks like this:

  -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=5 ...\
  -machine memory-encryption=sev0 \

Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-06-12 10:00:49 +02:00
Brijesh Singh
e5791a0306 conf: Introduce launch-security element in domain
The launch-security element can be used to define the security
model to use when launching a domain. Currently we support 'sev'.

When 'sev' is used, the VM will be launched with AMD SEV feature enabled.
SEV feature supports running encrypted VM under the control of KVM.
Encrypted VMs have their pages (code and data) secured such that only the
guest itself has access to the unencrypted version. Each encrypted VM is
associated with a unique encryption key; if its data is accessed to a
different entity using a different key the encrypted guests data will be
incorrectly decrypted, leading to unintelligible data.

Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-06-12 10:00:49 +02:00
Brijesh Singh
d4005609f3 qemu: Provide support to query the SEV capability
QEMU version >= 2.12 provides support for launching an encrypted VMs on
AMD x86 platform using Secure Encrypted Virtualization (SEV) feature.
This patch adds support to query the SEV capability from the qemu.

Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-06-12 09:51:59 +02:00
John Ferlan
05c41f4f1d test: Check return status for libxlxml2domconfigtest
Commit id d8e8b63d introduced the test, but neglected to check for
error from virTestLoadFile in testCompareXMLToDomConfig.

Found by Coverity

Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Katerina Koukiou <kkoukiou@redhat.com>
2018-06-11 18:33:13 -04:00